SolarWinds SEM - great value
Overall Satisfaction with SolarWinds Security Event Manager (SEM)
It addresses the issue of audit requirements by utilizing log consolidation (syslog, traps, Windows log). For Windows, an agent needs to be deployed. SEM normalizes the data for several fields so that it is easier to locate the specific event from the 10 million events received per day. The GUI is split into two parts. The first part is part of the new GUI, which has dashboard, monitor, nodes, rules, groups (limited). The second is the older GUI where the other functions are. I tend to stay in the older GUI unless the function has been moved over to the new GUI. There is a third interface which can be reached by SSHing to the SEM. This allows us to diagnose any issues with the SEM.
It is generally used by the security team, but read-only access has been given to the networking and Windows teams to enable them to search for specific log entries.
Pros
- Parses the logs into several comment fields to make the search easier
- Can scale up to 218 million per day
Cons
- For a large amount of events, an unreasonable amount of CPUs and memory is needed
- Reporting function has not been updated in many years and is very difficult to write
- ROI is favorable as it checks off auditing requirements.
- Right after installation, SEM usually uncovers various issues, which the clients love to see. One client uncovered thousands of failed logins from an employee who had left the company years ago.
Several clients have moved away from LogRhythm because of cost. SEM offers the best ROI for the function. Its interface is much cleaner than LogRhythm's. However, there is a steeper learning curve with SEM. The ease of search and data integrity offered by SEM is definitely a plus, as it stores multiple copies of the database and cross-checks for integrity.
Do you think SolarWinds Security Event Manager (SEM) delivers good value for the price?
Yes
Are you happy with SolarWinds Security Event Manager (SEM)'s feature set?
Yes
Did SolarWinds Security Event Manager (SEM) live up to sales and marketing promises?
Yes
Did implementation of SolarWinds Security Event Manager (SEM) go as expected?
Yes
Would you buy SolarWinds Security Event Manager (SEM) again?
Yes